-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Reference: CERT-EU Security Advisory 2012-0005
Title: Vulnerabilities in Cisco IP Video Phone E20 [1] and Digital Media Manager [2].
Version history:
19.01.2012 Initial publication
Summary
=======
+ Cisco IP Video Phone E20 Default Root Account
Cisco TelePresence Software version TE 4.1.0 contains a default
account vulnerability that could allow an unauthenticated, remote
attacker to take complete control of the affected device.
The vulnerability is due to an architectural change that was made in
the way the system maintains administrative accounts. During the
process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an
unsecured default account may be introduced. An attacker who is able
to take advantage of this vulnerability could log in to the device as
the root user and perform arbitrary actions with elevated privileges.
CVE-2011-4659 (CSCtw69889) Cisco TelePresence TE Software Default Root Account Vulnerability
CVSS v2 Base Score: 10.0 (CRITICAL)
Remote: Yes
Credibility: Vendor Confirmed
Impact: Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to gain root access to the affected device.
+ Cisco Digital Media Manager Privilege Escalation Vulnerability
Cisco Digital Media Manager contains a vulnerability that may allow a
remote, authenticated attacker to elevate privileges and obtain full
access to the affected system.
Cisco Show and Share is not directly affected by this vulnerability.
However, because Cisco Show and Share relies on Cisco Digital Media
Manager for authentication services, attackers who compromise the
Cisco Digital Media Manager may gain full access to Cisco Show and
Share.
CVE-2012-0329 (CSCts63878) Digital Media Manager Privilege Escalation Vulnerability
CVSS v2 Base Score: 9.0 (HIGH)
Remote: Yes
Credibility: Vendor Confirmed
Impact: Successful exploitation of the vulnerability may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Additionally, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, successful exploitation of the vulnerability on Cisco Digital Media Manager may allow the remote attacker to gain full access to Cisco Show and Share.
Vulnerable systems
==================
Cisco IP Video Phone E20 devices that have been upgraded to TE 4.1.0
Cisco Digital Media Manager version: prior to 5.2
Cisco Digital Media Manager version: 5.2.1
Cisco Digital Media Manager version: 5.2.1.1
Cisco Digital Media Manager version: 5.2.2
Cisco Digital Media Manager version: 5.2.3
What can you do?
================
+ Cisco IP Video Phone E20 Default Root Account
Updates are available from the vendor [1].
Workarounds: Administrators are advised to reset both the admin and root passwords.
+ Cisco Digital Media Manager Privilege Escalation Vulnerability
Updates are available from the vendor [2].
Workarounds: none
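The affected-version list above and the remediation advice in this section can be turned into a triage script that runs over an asset inventory and flags which devices need the vendor update and, for the E20, the password reset. The following is an added example, not part of the CERT-EU advisory or any Cisco tooling; it assumes an inventory of (hostname, product, version) records exported from whatever asset database is in use, with the product field normalised to "E20" or "DMM" (an assumption), and the sample rows are constructed for illustration.

```python
"""Triage an asset inventory against the affected versions named in this advisory.

Added example, not part of the CERT-EU advisory. It assumes inventory records
of the form (hostname, product, version) with product already normalised to
"E20" or "DMM"; the sample rows at the bottom are constructed, not real hosts.
"""
from typing import NamedTuple, Optional


class Asset(NamedTuple):
    hostname: str
    product: str   # "E20" or "DMM" as normalised by the inventory (assumption)
    version: str


class Finding(NamedTuple):
    hostname: str
    cve: str
    action: str


def parse_version(text: str) -> tuple:
    """Turn '5.2.1.1' or 'TE 4.1.0' into a tuple of ints so releases compare numerically."""
    digits = text.split()[-1]  # drop a 'TE' prefix if present
    return tuple(int(part) for part in digits.split("."))


# DMM releases listed as vulnerable: anything before 5.2, plus these 5.2.x builds.
DMM_AFFECTED_POINT_RELEASES = {(5, 2, 1), (5, 2, 1, 1), (5, 2, 2), (5, 2, 3)}


def dmm_affected(version: str) -> bool:
    v = parse_version(version)
    return v < (5, 2) or v in DMM_AFFECTED_POINT_RELEASES


def e20_affected(version: str) -> bool:
    # Only E20 devices running TE 4.1.0 (i.e. upgraded to it) are listed as affected.
    return parse_version(version) == (4, 1, 0)


def assess(asset: Asset) -> Optional[Finding]:
    """Map one inventory record to the advisory's CVE and recommended action, if any."""
    if asset.product == "E20" and e20_affected(asset.version):
        return Finding(asset.hostname, "CVE-2011-4659",
                       "apply vendor update [1]; reset admin and root passwords")
    if asset.product == "DMM" and dmm_affected(asset.version):
        return Finding(asset.hostname, "CVE-2012-0329",
                       "apply vendor update [2]; no workaround available")
    return None


def triage(inventory) -> list:
    """Return findings for every affected asset, in inventory order."""
    return [f for f in map(assess, inventory) if f is not None]


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = [
    Asset("vp-lobby-01", "E20", "TE 4.1.0"),
    Asset("vp-lobby-02", "E20", "TE 4.0.1"),
    Asset("dmm-hq", "DMM", "5.2.3"),
    Asset("dmm-branch", "DMM", "5.1.2"),
    Asset("dmm-lab", "DMM", "5.2.1.1"),
    Asset("dmm-new", "DMM", "5.3"),  # hypothetical later release, not in the advisory's list
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY):
        print(f"{finding.hostname}: {finding.cve} -> {finding.action}")
```

The matcher follows the advisory's list strictly: DMM 5.2 itself and any 5.2.x build not named above are reported as not affected, so a release the advisory does not mention is neither cleared nor flagged by this script and should be checked against the vendor references [1] and [2] before being treated as safe.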
What to tell your users?
========================
N/A
More information
================
[1] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-te
[2] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm
Best regards,
CERT-EU
CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
(DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its setup phase, until May 2012. Services are provided in a pilot fashion, and are not yet fully functional. Announcements, alerts and warnings are sent out in best effort manner, and to contact information currently known to us. We apologise if you are not the correct recipient, or if you had already been warned about this issue from another source. Format, content and way of alerting are subject to change in the future. Contact information or even the team name may change as well.)
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.39
-----END PGP SIGNATURE-----